15-80
Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7
OL-8978-04
Chapter 15 Configuring Access Control
Configuring Port-Based ACLs
Example 6
This example shows that a syslog is generated for any ports that fail to merge with the VACL and these
ports are temporarily placed in VLAN-based mode. The status of the merge is “merge disabled.”
Console> (enable) show port security-acl 3/1
Port Interface Type Interface Type Interface Merge Status
config runtime runtime
----- -------------- -------------- ----------------------
3/1 merge merge (VLAN=5) active
Config:
Port ACL name Type
----- -------------------------------- ----
3/1 ipacl1 IP
3/1 macacl1 MAC
Runtime:
Port ACL name Type
----- -------------------------------- ----
3/1 ipacl1 IP
3/1 macacl1 MAC
dhcp-snooping:
Port Trust Source-Guard Source-Guarded IP Addresses
----- ----------- ------------ ---------------------------
3/1 untrusted disabled
Console> (enable) set security acl map ipacl2 5
ACL ipacl2 is successfully mapped to VLAN 5.
2003 Oct 01 20:01:04 %ACL-3-MERGEFAILED:Failed to merge Security ACLs on ports(s) 3/1-4
with VLAN 5
2003 Oct 01 20:01:04 %ACL-3-PACLSMERGEDFORVLAN:Merge completed for all ports on Vlan 5
Console> (enable) show port security-acl 3/1
Port Interface Type Interface Type Interface Merge Status
config runtime runtime
----- -------------- -------------- ----------------------
3/1 merge merge (VLAN=5) disabled
Config:
Port ACL name Type
----- -------------------------------- ----
3/1 ipacl1 IP
3/1 macacl1 MAC
Runtime:
Port ACL name Type
----- -------------------------------- ----
3/1 ipacl1 IP
3/1 macacl1 MAC
dhcp-snooping:
Port Trust Source-Guard Source-Guarded IP Addresses
----- ----------- ------------ ---------------------------
3/1 untrusted disabled
Console> (enable)
To Next Page
Loading...
